Exam Paper Flashcards
What is the difference between middleware and hypervisor
Middleware is a software intermediary for communication between applications, which simplifies development and integration in distributed systems
Hypervisors manage virtual machines for multiple OS on a single physical machine, enabling virtualization, improving resource utilisation
What are microservices
Pieces of an application that run independently and perform one service only, operating in its own environment and storing its own data
Advantages of Microservices
Resilience
Selective scalability
Extensibility
Flexibility (prog languages)
Explain why cloud computing is not network computing
CC extends beyond network computing, offering a broad range of services and resources.
CC provides on-demand access to a shared pool of configurable computing resources over the internet
What is Virtualization?
Creating multiple virtual instances of an entity on a single physical machine
Enhances hardware utilisation, scalability, and isolation, crucial for CC
What is Paravirtualisation
Definition: Virtualization technique requiring cooperation between the guest OS and hypervisor for efficient resource utilization.
Key Point: Guest OS is modified to be aware of the virtualized environment, enhancing performance compared to full virtualization.
What is an Elastic IP Address
Definition: Static and publicly routable IP address in cloud computing (e.g. AWS) that can be easily reassigned between virtual machines.
Key Point: Enhances flexibility and high availability by enabling quick remapping of IP addresses within the cloud infrastructure.
Define Cloud native applications
Definition: Software applications purpose-built for cloud environments, utilizing cloud services, microservices, containerization, and DevOps practices for enhanced scalability, flexibility, and automation.
Key Points: Designed for optimal performance in the cloud, promoting agility, resilience, and rapid development cycles.
What is a service mesh and what is its purpose
A service mesh is an infrastructure layer built into an app. This visible layer can document how well different parts of an app interact, so it becomes easier to optimise communication and avoid downtime as an app grows.
list 3 characteristics of cloud native applications
Microservices Architecture: Decomposed into small, independently deployable services for flexibility and scalability.
Containerization: Utilizes container technologies like Docker for consistent deployment and management across environments.
DevOps Practices: Embraces DevOps for collaboration, automation, and CI/CD pipelines, enhancing agility and efficiency in the cloud.
Challenges of Cloud-Native Applications
Complexity of Microservices Management:
Challenge: Coordinating and managing numerous microservices in a way that ensures seamless communication and integration.
Security Concerns:
Challenge: Addressing the complexities of security in a distributed environment, including securing individual microservices and managing access controls.
Dependency on Cloud Service Providers:
Challenge: Balancing reliance on cloud services while avoiding vendor lock-in, considering potential challenges in migrating between different cloud providers.
Continuous Monitoring and Observability:
Challenge: Ensuring effective logging, monitoring, and observability in the dynamic and distributed nature of cloud-native applications for timely issue identification and resolution.
Discuss one Limitation of Cloud Computing
Data Security and Privacy Concerns:
Data Breaches:
Concern: Potential for unauthorized access leading to compromise of data confidentiality and integrity.
Regulatory Compliance:
Concern: Challenges in ensuring compliance with industry-specific and regional regulations governing data storage and processing.
Loss of Control:
Concern: Relinquishing some control over data infrastructure when entrusting it to a third-party cloud provider.
Data Residency:
Concern: Issues related to storing data in specific geographic locations to comply with regulatory requirements.
Discuss the differences between virtual machines and containers
Hypervisor vs. Container Engine:
VMs: Run on a hypervisor, creating and managing virtualized environments.
Containers: Run on a container engine (e.g., Docker), sharing the host OS kernel.
Resource Overhead:
VMs: Greater resource overhead with full OS, consuming more memory and storage.
Containers: Lightweight, sharing the host OS kernel for faster startup, lower resource usage.
Isolation:
VMs: Strong isolation with individual OS, file system, and resources.
Containers: User space isolation; share the kernel, offering efficiency but different security implications.
Portability:
VMs: Less portable due to encapsulating the entire OS.
Containers: Highly portable, encapsulating only the application and dependencies.
Benefits of Computation offloading techniques
improves performance and responsiveness in computation intensive mobile applications.
Reduces the computational load on the mobile device by distributing processing tasks to external resources
Placement of computing resources
Location: Cloud servers are suitable for hosting computing resources.
Advantages: Offers scalability and flexibility for handling variable computational demands.
Benefits and applications of Microservices architecture
Benefits: Enables independent scaling, flexibility, and efficient management of diverse features.
Application: Suitable for dynamic and feature-rich applications, supporting faster updates and fault isolation.
Define elasticity
The ability of a system to automatically adapt to changing workloads by provisioning and de-provisioning resources dynamically.
Define scalability
The capability of a system to handle a growing amount of work or to be enlarged to accommodate growth.
What is hardware virtualisation? 2 pros and cons
a VMM is directly installed on the hardware system, VM hypervisor manages the memory, processor and resources
+ reduced maintenance overhead
+ minimal required changes in guest OS
(-) requires explicit support in the host CPU
(-) limits efficiency and scalability
What is the difference in the purpose of containers and unikernels?
Containers are designed to run multiple processes but unikernels are designed to run a single process.
How do containers differ from VMs?
Containers don’t use a hypervisor and provide faster resource provisioning.
How do containers leverage the host operating system?
They isolate processes and control their access to resources.
What is OS virtualisation? 2 pros and cons
VMM installed on the OS, useful for simulating multiple environments in parallel
+ multiple VMs operate independently
+ limited impact of malfunctions
- admin overhead
- heavy file system consumption
What is a Container Engine/Runtime?
A container engine processes container images based on user requests. It has an embedded runtime component that provides functionality such as security policies and communication channels with the kernel.
What is a Container Orchestrator?
A tool that supports development, QA, and production environments for continuous testing. It schedules workloads dynamically and provides standardized application definition files.
What is the difference in OS usage between containers and unikernels?
Containers share the kernel of the host OS while unikernels include a small kernel in each deployment unit.
What is the difference in resource allocation between containers and unikernels?
With containers, the OS handles resource allocation but with unikernels, the hypervisor handles resource allocation.
What is SOAP?
Simple Object Access Protocol is a messaging protocol that allows programs that run on different operating systems to communicate using XML
What is a Distributed System?
A collection of independent computing entities that are interconnected via a network to share resources and are capable of collaborating on a service/task
What are some reasons to virtualise?
Cost reduction
isolation
testing and evaluation
easy duplication
What is server virtualisation? 2 pros and cons
a VMM is deployed on the server and the server is divided into multiple virtual servers
+ Efficient and reliable backup and recovery
+ Supports IT operations
- significant upfront costs
- lower security and data protection
Containers vs Unikernels. Choose containers if
- you want a well documented, supported solution
- running an app that features complex workloads
- prefer simple deployments
Containers vs Unikernels. Choose Unikernels if
- you want to maximize security
- minimize resource consumption
- achieve complete platform independency
what is serverless computing and List the advantages of it
Serverless computing is a method of providing backend services on an as-used basis, allowing users to deploy code without the hassle of worrying about the underlying infrastructure
- lower costs
- simplified scalability
- simplified backend code
- quicker turnaround
What is REST architecture?
Representational State Transfer, is an architectural style for designing networked applications. It relies on a stateless communication model, where clients and servers exchange information
What is RPC?
RPC (Remote Procedure Call) protocols are simple means to send multiple parameters and receive results by invoking executable actions or processes
what is RAID?
Redundant Array of Independent Disks
Give a brief description of the three basic steps used in Modern Pipelines
During Collection, raw data is loaded into a repository, often in a raw data zone
During Transformation, the data is transformed with data from other sources, and the data types are modified so they are ready for data consumption
Delivery makes business-ready data available to other staff.
What is a data pipeline
A set of data processing elements that move data from source to destination, often from one format to another
Give a brief description of RAID 0 (Striping)
Data is striped across multiple disks for improved performance. However, there is no redundancy, so the failure of one disk can result in data loss.
Give a brief description of RAID 1 (Mirroring)
Data is duplicated across two disks for redundancy. If one disk fails, the data is still available on the other
Give a brief description of RAID 5 (Striping with Parity)
Data is striped across multiple disks, and parity information is used for fault tolerance. If one disk fails, the parity information can be used to reconstruct the data.
How do Network-attached storage(NAS) and Storage-area networks (SANs) differ?
NAS is a single storage device that is connected to a local network while SANs include storage devices in the local network
What is a Network File System (NFS)
a network abstraction over a file system that allows a remote client to access it over a network in a similar way to a local file system
What is the key distinction between data lakes and data warehouses regarding the type of data they store?
Data lakes store data of all structure types, including raw and unprocessed data, whereas data warehouses store data that has been treated and transformed for specific purposes
What is a significant difference in storage options and complexity between data lakes and data warehouses?
Data lakes offer more storage options, have more complexity, and have different use cases compared to data warehouses
What differentiates the data storage requirements for data lakes and data warehouses, especially concerning schema design and data loading?
Data warehousing requires schema design before saving data and only supports loading structured data. In contrast, data lakes have no such requirements and can store any data at any scale
What is the Compute Over Data paradigm?
a computing paradigm where processing of data is performed near the location of the data
Differences between Static and Dynamic Computation Offloading
Static: specific parts are always executed on the cloud
Dynamic: the application contains a module that decides at runtime whether parts of a program will be executed on the cloud or locally
What is Edge Computing?
A network architecture concept that enables CC capabilities and an IT service environment at the edge of any network
Extra challenges when securing PaaS
- Limited control over Infrastructure
- Vendor lock-in concerns
- Data security and compliance
- Data encryption and privacy
- Integration and External Services
- DevOps and Continuous Integration/Deployment (CI/CD)
API security considerations
- Employ secure authentication protocols
- Ensure data transmission is encrypted
- Validate and sanitise input data
- Implement rate limiting and throttling mechanisms
- Manage the life cycles of APIs
- Implement robust logging and monitoring capabilities
Why is securing APIs crucial in IaaS platforms?
IaaS platforms heavily rely on APIs for resource provisioning and management.
What challenge does vulnerability management pose in IaaS environments, and why is it challenging to ensure all resources are up-to-date with the latest security patches?
Identifying and patching vulnerabilities in a timely manner is challenging in IaaS due to numerous virtual instances and a fast-paced deployment model.
What is a challenge associated with limited control over infrastructure in PaaS, particularly concerning security configurations?
Limited control over infrastructure in PaaS makes it challenging to set custom security measures due to the abstracted underlying infrastructure
Why does data security become critical in PaaS platforms?
Data security is critical in PaaS due to shared resources
What is crucial for maintaining privacy and meeting compliance requirements in PaaS, especially when dealing with sensitive data?
Proper encryption of data at rest, in transit, and during processing is crucial in PaaS for maintaining privacy and meeting compliance requirements.
Why is securing integrations with external services and APIs important in PaaS applications?
to prevent security vulnerabilities
What challenges may organizations face regarding data residency and compliance when using SaaS
to understand and ensure compliance with data residency requirements and international regulations, particularly when data is hosted in multiple geographic locations.
What limitations might organizations encounter in SaaS applications?
Customisation, posing challenges for aligning with specific security requirements or integrating seamlessly with other on-premises or cloud-based solutions.
What challenges may arise when integrating SaaS applications with on-premise systems?
security challenges, especially concerning data flow and access controls
Why is securing APIs crucial in SaaS applications, and what specific measures are important for preventing data breaches or unauthorized access?
SaaS applications often expose APIs for integration. Securing these APIs, including proper authentication and authorization mechanisms, is crucial to prevent data breaches or unauthorized access.
What is essential for maintaining business continuity when using SaaS?
understanding the provider’s SLAs, backup, and disaster recovery mechanisms
What role do end-users play in SaaS security?
preventing issues like unauthorized sharing of sensitive information or falling victim to phishing attacks.
How to ensure data resilience when using SaaS?
Understanding of the backup and recovery processes of the provider
In terms of SaaS reliability and availability, what measures can organizations take to maintain business continuity?
Organizations can maintain business continuity by understanding and adhering to provider SLAs, backup, and disaster recovery mechanisms, ensuring the availability and reliability of SaaS applications.
Why should you validate and sanitise input data in regard to API Security?
To prevent injection attacks
How to protect APIs from abuse and potential denial-of-service attacks?
By implementing rate limiting and throttling mechanisms
What should you regularly review and update in an APIs lifecycle?
Security measures
In API security, how do you detect and respond to security incidents?
Implement robust logging and monitoring capabilities
What should you thoroughly assess and understand when integrating with third-party APIs
Their authentication mechanisms, data protection practices, and overall security posture.
What is Mobile Cloud Computing
An infrastructure where both the data storage and data processing happen outside of the mobile device
What is Device-to-Device Collaboration and how does it work?
Device-to-device collaboration involves multiple devices cooperating (locally) to perform a computation task.
How it works:
Devices communicate directly using Wi-Fi, Bluetooth, or ad-hoc networks.
Computation task is divided, and each device is assigned a portion.
Devices collaborate by sharing intermediate results or coordinating efforts.
Final result is obtained by aggregating partial results or iterative exchanges.
What are Sockets and how do they work
Sockets are a communication method for processes on different devices to exchange data (over a network)
How it works:
- Client establishes a connection to the server using sockets.
- Computation task is divided.
- Client sends data/instructions to the server through sockets.
- Server performs computation.
- Results are sent back to the client through the socket connection.
Give a brief overview of the factors affecting decentralisation
Architectural: how many physical computers is a system made up of?
Political: how many individuals or organizations control the computers that the system is made up of?
Logical: does the interface and data structures that the system presents and maintains look more like a single monolithic object, or an amorphous (shapeless) swarm?
What is the Cloud-Edge continuum?
a spectrum covering everything from big cloud data centers to smaller edge devices.
Where to place computing and data processing resources within the cloud-edge continuum?
depends on factors like latency, data volume, cost, and specific use cases
What are some challenges behind securing IaaS?
- Shared responsibility model
- API Security
- Vulnerability Management
- Incident Response and Forensics
- Continuous Monitoring and Auditing
What are some challenges behind securing SaaS?
- Data residency and compliance
- customisation limitation
- data security and privacy controls
- Integration with on-premise systems
- Security of APIs
- Service Reliability and availability
- User education and awareness
- Data backup and recovery
Potential attacks on APIs
API abuse or injection
What is the shared responsibility model in the context of IaaS, and what are the respective responsibilities of the provider and customers?
The shared responsibility model in IaaS means the provider secures the infrastructure, while customers are responsible for securing their data and applications.
Why does incident response become more complex in a distributed and virtualized IaaS environment?
Establishing effective incident response plans and conducting forensics investigations may require specialized tools and expertise.
Why is achieving continuous monitoring and auditing challenging in a dynamic IaaS environment, and what aspects should be regularly monitored for maintaining security?
Achieving continuous monitoring and auditing in a dynamic IaaS environment can be resource-intensive. Regular monitoring of configurations, access controls, and activities is essential for maintaining security.
What concerns may arise in adopting a PaaS solution regarding vendor lock-in?
Migrating applications to another platform can be challenging, and users may feel constrained by specific security features of the chosen PaaS provider.
What does “as a service” offer
- scalability
- multi-tenancy (resource sharing)
- device independence (ease of access)
- easily acquirable
List the advantages of Cloud Storage
- cheaper storage solution than physical
- convenient data sharing
- reliability
List the disadvantages of Cloud Storage
- network connection reliance
- security
MapReduce in a nutshell
- Prepare the input to map by selecting a key
- Execute map in each node and generate output based on another key
- Shuffle the output
- Execute reduce
- Produce the final output
